SHARE
Posted April 27, 2019
It’s almost the one year anniversary for GDPR compliance. Did you get anything good from data protection authorities to “celebrate”? Because Google got a $57 million fine back in January.
The General Data Protection Regulation (GDPR) still presents a challenge to businesses around the world. GDPR compliance has created a range of new responsibilities and worries for information security and legal teams tasked with maintaining compliance with this data privacy regulation. Despite this, many businesses will tell you they don’t have a GDPR compliance problem. They either believe they’re compliant (which may or may not be true) or they think they’re “too small” to have to worry about it.
According to global law firm DLA Piper, as of February 6th there were 91 fines reported relating to GDPR infringements (including data breach) across Europe. The largest fine imposed was the $57 million fine against Google in January. Other organizations that have received fines include a hospital in Portugal ($452,014), a German social media platform ($22,600), and an entrepreneur that owns a betting shop ($5,424). You’ll notice two things here: the fines appear proportionate to annual revenue and the offense, and the size of the business that received the fine didn’t matter.
GDPR has changed the global landscape for privacy and its effects reach far beyond the European Union. What steps have you taken (or will you be taking) to become compliant – and stay that way?
Being headquartered in the United States doesn’t mean you can “escape” GDPR compliance. As the Google fine demonstrates, businesses aren’t just at risk from official auditors and regulators – individual legal practitioners can also file lawsuits and activist groups can file formal complaints.
While GDPR has no doubt been the source of many headaches, when you take the time to look at it from another angle, it also offers an opportunity to build up your customer relationships as well as strengthen the security components of your current privacy policies and procedures.
When you make improvements in auditability to achieve GDPR compliance, you are also helping to make the process of compliance with other regulations easier, faster, and less expensive. The efficiencies you develop throughout the process can improve the way your organization protects its data. The lessons you learn can also help you expand your cybersecurity program.
Speaking of cybersecurity and the business – working toward GDPR compliance will also make your organization better at balancing consumer privacy with business needs and goals. You’ll have the opportunity to change the relationship with your customers for the better. GDPR also gives your customers the “the right to be forgotten.” Currently, EU citizens have the right to approach organizations like Credit Karma or Facebook and ask to have their data erased. If your business model relies on using this data to make money, you might be feeling a little nervous. But try to think of it this way: the less data you have, the easier it becomes to secure it. This security fundamental should help offset some of the financial cost of losing certain customer data. It also gives you the opportunity to diversify and explore new long-term revenue generators.
GDPR isn’t just a regulation – it’s a competitive advantage.
GDPR compliance can help your business demonstrate to your customer base that your organization is a strong corporate citizen that cares about building trust with them. GDPR isn’t just a regulation – it’s a competitive advantage. Now more than ever, customers are concerned about the privacy of their data and demand to know what companies are doing with it. Establishing your organization as a trustworthy entity means improving customer loyalty and acquiring new customers that are unhappy with your less secure competition.
Becoming GDPR compliant does not have to be a burden. Start thinking of it as an opportunity to learn more about your business (and its data assets) and as a way to communicate your value to current and future consumers.
Ready to explore your options for becoming GDPR compliant? Email GreyCastle Security at intel@greycastlesecurity.com or give us a call: (518) 274-7233.
Offerings
Industries
Compliance
Copyright © 2023 GreyCastle Security. All Rights Reserved
800-403-8350Copyright © 2022 GreyCastle Security. All Rights Reserved
Ho Chin is Chief Financial Officer at GreyCastle Security. In this role, Ho leads Finance, HR, IT and Professional Development. As part of the executive leadership team, Ho works to establish the company’s overall strategy and ensure proper execution of the supporting initiatives pertaining to the above areas of responsibility.
Prior to joining GreyCastle Security, Ho led finance and administrative functions at multiple private equity and venture-backed portfolio companies across multiple industries. Ho holds a bachelor’s degree in Accounting from Pennsylvania State University in Centre County, Pennsylvania and a master’s degree in Business Administration from the Wharton School of Business at the University of Pennsylvania in Philadelphia, Pennsylvania.
Dan Kalil is Chief Executive Officer (CEO) and Board Chairman at GreyCastle Security. In this role, Dan provides vision, leadership and strategies that drive GreyCastle Security’s position as an industry leader. With an emphasis on customer success, Dan’s profitable growth model leverages a customer-centric business approach that balances employee wellbeing and social responsibility.
Prior to becoming CEO, Dan served as the company’s Chief Strategy Officer, during which he supported multiple acquisitions and helped the organization achieve substantial sales growth. In addition to serving as CEO at GreyCastle Security, Dan continues to hold the position of Chief Commercial Officer (CCO) at Assured information Security (AIS) in Rome, New York, a company he co-founded in 2001.
Over the course of the last 22 years, Dan has been committed to advancing the state of cybersecurity and has played an instrumental role in the identification and development of critical, next-generation cyber capabilities. He has held positions in almost every facet of cybersecurity, beginning as a computer forensic examiner and progressing through the management and executive leadership ranks. In addition to co-founding AIS, Dan has facilitated multiple cybersecurity startups, raised investment capital and has served in various lead and support roles toward the acquisition of five companies in the last eight years.
Dan has a bachelor’s degree in Cybersecurity and a master’s degree in Cybersecurity from Utica College in Utica, New York.
Michael Stamas is an entrepreneur, board member, Vice President and a founder of GreyCastle Security. With more than two decades of experience in the technology sector, Mike pairs his management and business development skills with a deep understanding of cybersecurity. Mike brings a unique brand of risk-based advising to GreyCastle clients and prospects.
Mike holds certifications in numerous security and technology related areas, including the Department of Homeland Security and other security technologies like Symantec, Cisco and Microsoft.
Mike plays an active role in his community and serves as a board member and Vice President of InfraGard Albany as well as an advisory board position with the Capital Region YMCA.
Mike has been recognized for his numerous achievements through various honors including the Albany Business Review’s prestigious 40 Under 40 award.
Dan Maynard serves as GreyCastle Security’s Chief Operating Officer, where he currently leads Sales, Marketing and Legal.
Dan has enjoyed a 30+ year career in the Information Technology and Telecommunications industry, during which time he has held various leadership positions for organizations such as Rochester Tel/RCI, Citizens Communications (Frontier), PAETEC Communications, IntegraOptics, tw telecom/Level3 and Centurylink.
In addition to various voice and data technology platforms, he possesses a strong background in leadership development, sales and marketing leadership, transformational leadership and strategic planning. Dan has a thirst for knowledge and as a committed lifelong learner, he encourages and supports professional development initiatives for his teams and continues his involvement with Vistage International.
Dan holds a bachelor’s degree in Biology from Lafayette College in Easton, Pennsylvania, where he was selected as a member of their Athletic Hall of Fame in 2016.
When not at work, Dan enjoys traveling, golfing, attending Utica Comets hockey games and relaxing in the Adirondacks on beautiful Canada Lake with family and friends.
Dan Didier is the Vice President of Solutions and board member at GreyCastle Security.
Dan has been a cybersecurity practitioner for more than 20 years and uses his knowledge and experience to develop cybersecurity solutions that ensure readiness and preparedness.
Dan received his bachelor’s degree in Telecommunications from SUNY Polytechnic Institute in Utica, New York, and graduated Summa Cum Laude with a master’s degree in Information Assurance from Norwich University in Northfield, Vermont.
Our Computer Incident Response Teams (CIRTs) have responded to hundreds of breaches, intrusions, malware infections, thefts, employee investigations, fraud cases and other incidents. Our highly-certified experts have extensive experience in command, coordination and correction of incidents in nearly every industry throughout North America, from local businesses to Fortune 500 international conglomerates.
800-403-8350Francesca LoPorto-Brandow is Director of Culture at GreyCastle Security. In this role, Francesca leads all social responsibility efforts and partnerships and develops effective strategies that promote organizational-wide behaviors and attitudes consistent with a culture of safety, inclusion, teamwork, motivation and high-performance.
Prior to this role, Francesca was Director of People & Culture at GreyCastle and with her leadership, the company’s culture has been recognized by Inc. Magazine as a Nationally recognized Best Workplace, Albany Business Review Best Places to Work and Albany Times Union Top Workplaces.
Before joining GreyCastle Security, Francesca worked as an OD consultant and focused on strategic culture change at The Kaleel Jamison Consulting Group, Inc. for more than six years. There, she facilitated client education sessions, coached leaders and teams, developed and executed consulting interventions and served as strategy project leader on various client engagements. Her work has taken her into Fortune 100 companies and across borders including Panama, Singapore and beyond.
Francesca is a Lean Six Sigma–certified Green Belt, a proud YWCA-GCR board member and in 2013, she coordinated and emceed the inaugural TEDx Troy—a livestream of TEDCity 2.0. Since 2012, she has coordinated and emceed the Troy 100 Forum, a biannual forum for government, religious and community leaders to discuss issues vital to the future of Troy, New York.
Bilingual in English and Italian, Francesca holds a bachelor’s degree in Management and Technology from the Rensselaer Polytechnic Institute’s Lally School of Management & Technology. She was awarded Cybersecurity Recruiter of the year North America in 2017 by the Cybersecurity Excellence Awards.
Jamie Aiello is Senior Vice President of Services and Product Management at GreyCastle Security. In this position, Jamie is responsible for leading a high performing and well-balanced team that is ultimately responsible for the identification, selection, execution and successful performance of our company’s diverse portfolio of cybersecurity offerings.
Prior to joining GreyCastle Security, Jamie has held leadership positions with Annese and Associates, ConvergeOne and BlueSky IT Partners with a focus on delivering cost effective information technology solutions for companies across multiple verticals.
Jamie holds a bachelor’s degree in Political Science from Le Moyne College in Syracuse, New York, a master’s degree in Business Administration from Gardner-Webb University in Boiling Springs, North Carolina and a master’s degree in Computer Information Systems from University of Phoenix in Phoenix, Arizona.
